Lucene search
GoogleOSV:DSA-578-1HistoryNov 01, 2004 - 12:00 a.m.
mpg123 - buffer overflow
2004-11-0100:00:00
Google
osv.dev
6
0.037 Low
EPSS
Percentile
91.9%
Carlos Barros has discovered a buffer overflow in the HTTP
authentication routine of mpg123, a popular (but non-free) MPEG layer
1/2/3 audio player. If a user opened a malicious playlist or URL, an
attacker might execute arbitrary code with the rights of the calling
user.
For the stable distribution (woody) this problem has been fixed in
version 0.59r-13woody4.
For the unstable distribution (sid) this problem has been fixed in
version 0.59r-17.
We recommend that you upgrade your mpg123 package.
References
Related
freebsd
freebsd
mpg123 -- buffer overflow in URL handling
2004-10-02 00:00:00
gentoo
gentoo
mpg123: Buffer overflow vulnerabilities
2004-10-27 00:00:00
openvas
openvas
FreeBSD Ports: mpg123, mpg123-nas, mpg123-esound
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200410-27 (mpg123)
2008-09-24 00:00:00
Debian: Security Advisory (DSA-578-1)
2008-01-17 00:00:00
cvelist
cvelist
CVE-2004-0982
2004-11-19 05:00:00
CVE-2006-3355
2006-07-06 20:00:00
nvd
nvd
CVE-2004-0982
2005-02-09 05:00:00
CVE-2006-3355
2006-07-06 20:05:00
debiancve
debiancve
CVE-2004-0982
2005-02-09 05:00:00
CVE-2006-3355
2006-07-06 20:05:00
nessus
nessus
Debian DSA-578-1 : mpg123 - buffer overflow
2004-11-10 00:00:00
GLSA-200410-27 : mpg123: Buffer overflow vulnerabilities
2004-10-28 00:00:00
Mandrake Linux Security Advisory : mpg123 (MDKSA-2004:120)
2004-11-02 00:00:00
ubuntucve
ubuntucve
CVE-2004-0982
2005-02-09 00:00:00
CVE-2006-3355
2006-07-06 00:00:00
debian
debian
[SECURITY] [DSA 578-1] New mpg123 packages fix arbitrary code execution
2004-11-01 13:33:16
[SECURITY] [DSA 578-1] New mpg123 packages fix arbitrary code execution
2004-11-01 13:33:16
cve
cve
CVE-2004-0982
2005-02-09 05:00:00
CVE-2006-3355
2006-07-06 20:05:00